Fine-grained Protection Domain based on Segmentation Mechanism
نویسندگان
چکیده
Extensibility is a vital property of modern applications. An extension component is downloaded from Internet and loaded into an application. However, an extension component may be malicious. Thus there is a risk of the application being illegally accessed. To protect the application from malicious components, this paper proposes a multi-protection page table: a mechanism for providing protection among an application and components residing in the same address space. A multi-protection page table provides kernel-level fine-grained protection domains, thereby enabling efficient crossdomain calls between fine-grained protection domains. To prove that a multi-protection page table can be implemented on stock hardware, the paper shows the implementation on IA-32 (32-bit Intel Architectures). Experimental results show that a cross-domain call requires only 267-700 cycles and the performance in a real application is also good enough.
منابع مشابه
Exploiting Segmentation Mechanism for Protecting against Malicious Mobile Code
This paper describes a mechanism for protecting against malicious mobile code. As mobile code is linked with a hosting application and executed in the same process, a fine-grained protection domain providing an intra-process protection is required to prevent a malicious mobile code from unauthorized access. This paper introduces a multi-protection page table: a mechanism of virtual memory that ...
متن کاملA Hierarchical Protection Model for Protecting against Executable Content
Executable content poses a threat of unauthorized access because it contains program code running on the user’s machine. Protecting against executable content is difficult because of the inevitable flaws in the implementation of protection mechanisms. This paper introduces a hierarchical protection model to tolerate flaws in protection mechanisms. This model improves both the granularity and th...
متن کاملA Survey on the Interaction Between Caching, Translation and Protection
Fine-grained hardware protection could deliver significant benefits to software, enabling the implementation of strongly encapsulated light-weight objects, but only if it can be done without slowing down the processor. In this survey we explore the interaction between the processor’s caches and virtual memory in traditional as well as research architectures. We find that while caching and trans...
متن کاملAn improved joint model: POS tagging and dependency parsing
Dependency parsing is a way of syntactic parsing and a natural language that automatically analyzes the dependency structure of sentences, and the input for each sentence creates a dependency graph. Part-Of-Speech (POS) tagging is a prerequisite for dependency parsing. Generally, dependency parsers do the POS tagging task along with dependency parsing in a pipeline mode. Unfortunately, in pipel...
متن کاملHandling Memory Corruption Faults In Sensor Networks
Typical sensor nodes use resource constrained micro-controllers where user level applications, operating system components, device drivers, etc., reside within a single address space with no form of memory protection. A programming error in an application can easily corrupt the state of the operating system and other software components on the node. To protect against such errors, we propose a ...
متن کامل